Here are five super simple ways to keep your website safer.
№1 – Better usernames.
Don’t use ‘admin’ or your own name for a username. You can add another layer of security to your WordPress website by creating a private account with an unrelated username that you use for administering your website. Then create an editor level account that you publish all public-facing posts to. This makes it harder to guess the admin username and harder to break into your site.
№2 – Stronger passwords.
Use strong passwords with multiple character types. You can use spaces and punctuation to add more security to your passwords. Take your password security to another level with a password manager like LastPass to create unique, hard to crack passwords for everything.
№3 – Protect against brute-force attacks.
Use a plugin like WordFence, or a service like Cloudflare for extra protection against bots and brute-force attacks.
№4 – Keep WordPress Updated.
This might be the most important tip. Turn on auto-updates for core WordPress updates, and then go through your plugin list to allow auto-updates for all non-critical plugins. You can save updates to ecommerce and pagebuilder plugins for a staging site, but make sure you stay on top of those updates too.
№5 – Integrate two-factor authentication.
Use oAuth or a plugin like WP 2FA to protect against stolen passwords.